update regex to blur mongo credentials (#686)

TykTechnologies · Jul 26, 2023 · 1a6d80b · 1a6d80b
1 parent af48e86
commit 1a6d80b
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 3 deletions.
diff --git a/pumps/mongo.go b/pumps/mongo.go
@@ -112,9 +112,9 @@ func createDBObject(tableName string) dbObject {
 }
 
 func (b *BaseMongoConf) GetBlurredURL() string {
-	// mongo uri match with regex ^(mongodb:(?:\/{2})?)((\w+?):(\w+?)@|:?@?)(\S+?):(\d+)(\/(\S+?))?(\?replicaSet=(\S+?))?$
-	// but we need only a segment, so regex explanation: https://regex101.com/r/8Uzwtw/1
-	regex := `^(mongodb:(?:\/{2})?)((...+?):(...+?)@)`
+	// mongo uri match with regex ^(mongodb\S*(+srv)*:(?:\/{2})?)((\w+?):(\w+?)@|:?@?)(\S+?):(\d+)(\/(\S+?))?(\?replicaSet=(\S+?))?$
+	// but we need only a segment, so regex explanation: https://regex101.com/r/C4GQvi/1
+	regex := `^(mongodb\S*(srv)*:(?:\/{2})?)((...+?):(...+?)@)`
 	re := regexp.MustCompile(regex)
 
 	blurredUrl := re.ReplaceAllString(b.MongoURL, "***:***@")

diff --git a/pumps/mongo_test.go b/pumps/mongo_test.go
@@ -459,6 +459,11 @@ func TestGetBlurredURL(t *testing.T) {
 			givenURL:           "mongodb://UserName:Password@sample-cluster-instance.cluster-corlsfccjozr.us-east-1.docdb.amazonaws.com:27017?replicaSet=rs0&ssl_ca_certs=rds-combined-ca-bundle.pem",
 			expectedBlurredURL: "***:***@sample-cluster-instance.cluster-corlsfccjozr.us-east-1.docdb.amazonaws.com:27017?replicaSet=rs0&ssl_ca_certs=rds-combined-ca-bundle.pem",
 		},
+		{
+			testName:           "DNS seed list connection",
+			givenURL:           "mongodb+srv://admin:pass@server.example.com/?connectTimeoutMS=300000",
+			expectedBlurredURL: "***:***@server.example.com/?connectTimeoutMS=300000",
+		},
 	}
 
 	for _, tc := range tcs {